An international team of eight academics published a paper today outlining how they were able to exploit the LPDDR memory in an LG G4 smartphone. While the test was only practiced on the G4, the exploit could theoretically work on any device with LPDDR memory, which includes virtually every smartphone released since 2012.
The team calls the exploit RAMpage, so-called because it exploits a vulnerability in the RAM modules of smartphones. However, the team explains in the paper that it could also potentially affect tablets, computers, or even cloud servers.
RAMpage involves sending repetitive read/write requests to the memory modules of a device. If done in a certain way, a malicious app could create an electrical field within the RAM that could alter data stored on nearby memory cells.
In other words, any data saved in your smartphone’s memory (passwords, images, text messages, emails, pretty much anything) could theoretically be accessed and manipulated using this exploit.
RAMpage is actually a variation on an earlier exploit of the Android operating system called Rowhammer, which operates in much the same way. However, RAMpage specifically attacks a part of the Android operating system called ION. Introduced in Android 4.0 Ice Cream Sandwich, ION manages memory allocation between different applications.
By attacking ION, RAMpage breaks down the “wall” separating apps from the central operating system, which could potentially give a hacker access to the entire system itself.
The team released a tool it calls GuardION which could protect your device from a RAMpage attack. GuardION is open source and posted on GitHub.
As of now, it appears RAMpage is just a proof-of-concept, with no reports of it being used in a real-world scenario. However, the exploit does exist according to this team and measures should be taken in the future to prevent malicious apps from exploiting the vulnerability.
The research team developed a website and a tool called Drammer, which you can sideload on your Android device to see if it is vulnerable to the RAMpage exploit. Researchers hope that people will load the app and give the team more information about how widespread RAMpage could potentially get.
NEXT: Google could end late security updates with new OEM agreements
28/06/2018 06:47 PM